Blog

You can become a superhero of automation and development by learning and practicing. This is our blog from our learnings and practice.

We are consultants and trainers in Cloud Foundry, devops automation and continous delivery. We have the best jobs in the world helping you have the best job in the world.

Accessing BOSH, CredHub, and Vault via magic tunnels

It is not a good idea to allow your BOSH/CredHub/Vault to be accessible on the public internet. Yes, they both require credentials and certificates to access, but there is just no good reason to expose them on the internet. So you will only deploy them into private networks. Unfortunately, now you’ve made it hard for

Ashley Gerwitz Profile Image

Posted by:
Ashley Gerwitz

Read More ➝
Can I share Cloud Foundry service instances yet?

One of the most requested features for Stark & Wayne kStreams (powered by Apache Kafka) was, "How do we share our Kafka topics between different Cloud Foundry spaces?" Great question, but it wasn’t in the domain of a service broker to break the fundamental isolation tenants of Cloud Foundry. Fortunately, the Cloud Foundry Services API

Ashley Gerwitz Profile Image

Posted by:
Ashley Gerwitz

Read More ➝
A Handy S3 CLI

Do you ever get annoyed that you have to install Python, pip, and then AWS CLI in order to simply access your S3 storage to manage your buckets? I know once in a while, I do. Then this awesome guy, James Hunt, showed me a handy tool S3 CLI he wrote. It is simple, but

Dr. Xiujiao Gao 高秀娇 Profile Image

Posted by:
Dr. Xiujiao Gao 高秀娇

Read More ➝
Is using BUCC a better way to bootstrap BOSH?

BUCC is the convention over configuration tool to make it easy to deploy the best, securest, most backupable BOSH/Concourse on a single VM. The Problem The bosh-deployment is the fantastic tool for deploying a BOSH VM to any infrastructure. A vanilla BOSH or one with UAA/CredHub. A BOSH that can deploy normal infrastructure VMs or

Ashley Gerwitz Profile Image

Posted by:
Ashley Gerwitz

Read More ➝
Configure UAA in CF with SAML as A Service Provider

Before we start going through how to configure UAA in CF with SAML as a Service Provider, let’s make sure we have common terminology. UAA The User Account and Authentication (UAA) is the OAuth2 server used as the identity management service for Cloud Foundry (CF). UAA supports standard protocols such as the Security Assertion Markup

Dr. Xiujiao Gao 高秀娇 Profile Image

Posted by:
Dr. Xiujiao Gao 高秀娇

Read More ➝
BUCC supports Backup & Restore finally!

Many people have asked about how to backup and restore BUCC (an introduction to BUCC can be found here. The wait is over, because as of v0.4.0, there is full support for BBR (BOSH Backup & Restore). The technical details will be given at the end of this blogpost, but first, here is the short

Ruben Koster Profile Image

Posted by:
Ruben Koster

Read More ➝
The VPN is dead – protecting your business apps with GitHub/Google Apps auth

It is easier, faster, and cheaper to borrow GitHub for your next internal business app than to write your own login/reset-password/two-factor authentication/team management system. In 2018 it is easier than ever to write small bespoke web apps for your business. Pick a high-level web framework (Ruby on Rails, Spring/Java) with a high-level ORM, collect data

Ashley Gerwitz Profile Image

Posted by:
Ashley Gerwitz

Read More ➝
Schedule containers in Pivotal Cloud Foundry

At Stark & Wayne we’ve been building out a set of internal web apps to help collect and pass information to the staff who need it. For example, one app pulls data from a primary source (such as timesheet entries) and at the end of the day it shares the information into a private Slack

Ashley Gerwitz Profile Image

Posted by:
Ashley Gerwitz

Read More ➝
BOSH releases with Git LFS

Using an external blobstore for your BOSH release is considered a best practice, since you don’t want to pollute your git repo with big files. However there are some downsides to this approach: Need a AWS or GCP account; or need an internal compatible blobstore Sharing manage credentials to upload blobs (private.yml) Restricted environments sometimes

Ruben Koster Profile Image

Posted by:
Ruben Koster

Read More ➝